Recently our mail server's reputation has been down rated by Hotmail, according to postmaster/live SNDS-service (from green to yellow and a single day in red). Therefore, me and my colleagues are now running a check of everything send from the mail server to see if all is in order: DKIM, SPF, DMARC, rDNS and so forth. Our mail server is not new, and have over the last 1,5 years had a fine reputation at Hotmail, and is still having a fine score by senderscore.org, ndswl.org and Gmail.

The mail server is sending e-mails on behalf of somewhat 20 different companies, which are using our customer relation system, as a part of our service. As I am now checking up on all the different companies’ domain reputation to figure out what is going on at Hotmail, I can see some of the domains are suffering.

Even though the SPFs, DKIMs and DMARCs mostly are set correctly for our specific mail server in the domains, some of the companies' DNS records are not set right for other mail servers, they use in their communication. (I believe it is not spammers who are abusing our customers’ domains, but probably a lack of attention to the importance of setting up the relevant DNS-records and certificates, by our customers).

Now my question is: Can the lower reputation of some of the companies' domains hurt our mail server's IP-reputation? - Taken that the DKIMs, SPFs, DMARCs and so on are set up correctly at the domains for our mail server? Generally, can a lower domain reputation hurt an IP reputation? - And does Hotmail use this in the calculation of an IP's reputation?

I sincerely hope not, since it will be a major issue to fix and very up the hill, with a dozen of companies' domains and different levels of attention to email delivery by the customers. But after all it is better to know, and then take some action to set it all up in a different way.

Is your IP flagged, or is a domain flagged?
– jrtapsellSep 11 '17 at 10:51

At Hotmail I can only see the server level rank, and the IP are getting a warning there toward low score. Every other check I have done of the IPs reputation has been very high. But there is something about to be wrong, since Hotmail given us this warning. Some of the domains are ranked lower on Gmail, and I found errors i some of the SPF's regaring other mail servers. And one domain has a very low score and having one of their other mail servers blacklisted.
– Anne hansenSep 11 '17 at 11:02

1

Is this is the situation Link, with Bad IP having sent spam as Bad Domain?
– jrtapsellSep 11 '17 at 11:03

jrtapsell, yes, I think, that could be the image of it: Our mail server sends email on behalf of a domain with a correct DKIM, SPF og DMARC, but another mail server also sends from that domain with errors in DKIM and SPF, and are blacklisted. That is one of the error scenarios.
– Anne hansenSep 11 '17 at 11:12

1 Answer
1

As such, you should be ok, most providers would flag the IP, some may also flag the bad domain, but I haven't heard of a provider blocking other mailservers listed for a domain, otherwise the following attack would work:

jrtapsell, thank you very much for clearing that up, and for the illustation as well. That is a great help. I can see now, that this behavior of the recieving mail servers could be used to damage somebody, and in general would be horrible to maintain. We continue to look into our setting to determine what it is Hotmail don't like about our mail server at the moment.
– Anne hansenSep 11 '17 at 12:56